So far, 2012 has been a banner year for fraud. Research from information services company Experian published in June 2012* reveals that “the financial services industry saw a 16 per cent quarter-on-quarter jump in fraud rates in the period January-March 2012, driven primarily by a significant surge in current account fraud”.
Forty-four out of every 10,000 current account applications were found to be fraudulent during that first quarter – a 23 per cent jump than the last quarter of 2011, representing the busiest period for current account fraud ever recorded by Experian.
How is this flood of fraudulent activity being achieved? According to Nick Mothershaw, UK director of identity & fraud services at Experian, it is “mostly emanating from individuals providing false information attempting to open new accounts or obtain overdrafts or making payments they knowingly couldn’t afford. The threat of identity fraudsters seeking to open accounts in the names of unsuspecting third parties, for money laundering or as a springboard to attempt fraud on more lucrative credit products, also remains.”
It’s a big concern for the sector and one that is based largely on a lack of robust identity verification systems. The standard method of credit checks and proof of ID only go so far and as more people find ways to fool the system, the more vulnerable it becomes.
And yet this need not be a problem. Advances in big data management and permissions-based mAnalytics offer an unprecedented opportunity to stem the tide of fraud, giving financial services a way to verify that a person is who they claim to be through something as simple as a mobile phone.
Tapping into data
“Network data is an untapped resource and it can be useful to any organisation hoping to learn as much as it can about both current and potential customers,” says Chris Handley, group head of mobile analytics at Vodafone Global Enterprise. “In the case of financial services, it’s an additional layer of protection, helping the sector verify the information at hand and closing the door on people trying to use stolen identities.”
Handley highlights three simple scenarios where mAnalytics could be used to combat fraud:
- Current account application: Anyone applying for a current account will be required to provide proof of a home address and telephone number. Using permissions-based mAnalytics, that information can be verified by the mobile operator against the phone’s known position as well as its history - including work history. Instead of relying on a paper-based trail, which can be fooled fairly easily, this gives the bank another way to check an applicant’s ID.
- “Card present” transactions: If someone is using a card to pay for something in person – a hotel room or meal at a restaurant, for example – the card provider will score the transaction and allow for payment to go through if all criteria are satisfied. If it fails, then the info is passed along to the mobile operator who can then check against the phone’s data against the location data held by the bank and adjust the fraud score accordingly. This can help cut down on stolen cards being used in transactions
- “Card not present” transactions: With the growth in online purchases, card fraud has risen accordingly, giving criminals new ways to cheat the system. In most cases, ordering items online requires a card number and a security code as well as an address for delivery that may or may not match the billing address. Using mAnalytics, a phone operator can build up a picture of the owner, including known addresses as well as location or site-specific buying habits. All of these factors can be used to determine the level of risk involved in any transaction in support of the financial services provider.
By introducing mAnalytics as part of any identity verification system, there is an opportunity to shut down any weak points in the system thereby minimising the chances that attempts at fraud will succeed while maintaining customer satisfaction levels.
"The UK’s lost billions from inefficient online identity and security measures. This a price that doesn’t have to be paid given that technology now enables incredibly robust identity checks to be undertaken almost instantaneously." Nick Mothershaw,
UK director of identity & fraud services at Experian
Permissions and preferences
With permissions-based mAnalytics representing this tremendous opportunity, why aren’t more financial services providers queuing up to take advantage? For most, it’s down to the permissions part of the story.
“Big data management and permissions-based mAnalytics offer tremendous value and insight for businesses and individuals alike,” says Chris Handley, group head of mobile analytics at Vodafone Global Enterprise (VGE). “But only if all parties are clear and open about their intentions and expectations. Without this in place, you’re unlikely to gain that permission in the first place.”
VGE has developed a framework that will allow customers to serve their own data permissions and preferences via a portal. This provides transparency and control over what they grant or revoke in terms of their data usage as well as the incentives, rewards or benefits they will receive as a result of sharing their data
“We’re the custodian of our customers’ data,” says Chris Handley, group head of mobile analytics at Vodafone Global Enterprise. “We need to have a water tight strategy as well as a manifesto on how, what, when and why we would use this data. It’s a question of trust and we take that very seriously. Without the clear guidelines and protections on place to take care of that data, there will be no trust and the system won’t be able to function.
“This new privacy and preference strategy is creating a new relationship with customers when it comes to the value of their data,” says Handley. “We’re establishing a clear and transparent view of data with customers, so they know we’re handling their data in a responsible way and understand exactly how we’re using that data. This includes our customer data charter which outlines our approach, for example not selling data to third parties, not tracking individual phones and so on.”
VGE conducted research regarding how customers felt about how large telecoms and third-party operators, including Google and others, handle data –VGE and other mobile operators are viewed as trusted. This trust is vital in order to gain customer consent to use this rich source of data, so that everyone gets the most out of it.
“The more we know about our customers, the more accurately we can position offers and services that are relevant to them,” says Handley. “Vodafone’s customer base represents approximately 30 per cent of the UK population. If those customers were willing to share their built-in smart phone data – from location to how they use their devices to how they use their phones to buy things, to online access – they could take advantage of any number of benefits.”
These benefits extends beyond financial services: if customers switched on their phone’s geo-location capabilities and agreed to opt into VGE’s permissions and preferences strategy, VGE would be able to use that data to do more that streamline credit applications.
“This information could be used to determine everything from how many people are walking in and out of a store to testing campaign promotions and store layout, which will ultimately be used to provide customers with a better service,” says Handley. “For example, outdoor ad campaigns are typically a bit ‘finger in the air’ but we can assess foot traffic around a site as well as determining whether people are following through on calls to action, from accessing a website to reading a promotional QR code.
“This degree of information and level of detail is unheard of in advertising and allows companies to offer the right products and services to the right people at the right time and place.”
And that’s the key: whether applying for a current account or trying to buy something online, people are not interested in having their time wasted and are prepared to abandon any transaction at the first sign of a problem. But with permission-based mAnalytics, customers hold all the cards: they can log in to a database to see what data is being held and they can delete or specify how much detail as they are comfortable with. They can control the level of information that is being held at any given time and know that it is being used to keep things moving as quickly and efficiently as possible.
As Professor Paul Barnes, director of the International Fraud Prevention Research Centre, points out, “depending on the reason for the identity verification check, our tolerance during a transaction varies greatly – and can be as short as a 60 second window. With millions potentially being lost from the key industries in the UK, it is vital that this issue is addressed as soon as possible.”
* “Current account fraud hits highest level ever, according to Experian”. Experian. http://press.experian.com
** “UK shoppers abandon over £1 billion worth of online transactions due to inefficient identity measures”. Experian. http://press.experian.com